-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address --
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication.

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication.

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) [X] Responsive to communication(s) filed on 18 October 2004.
2a) [X] This action is FINAL. 2b) [ ] This action is non-final.

3) [ ] Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims

4) [X] Claim(s) 7-32 is/are pending in the application.

4a) Of the above claim(s) is/are withdrawn from consideration.

5) [ ] Claim(s) is/are allowed.

6) [X] Claim(s) 1-32 is/are rejected.

7) [ ] Claim(s) is/are objected to.

8) [ ] Claim(s) are subject to restriction and/or election requirement.

Application Papers

9) [ ] The specification is objected to by the Examiner.

10) [X] The drawing(s) filed on 18 October 2004 is/are: a) [X] accepted or b) [ ] objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) [ ] The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119

12) [ ] Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a) [ ] All b) [ ] Some * c) [ ] None of:

1. [ ] Certified copies of the priority documents have been received.

2. [ ] Certified copies of the priority documents have been received in Application No. .

3. [ ] Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)).
* See the attached detailed Office action for a list of the certified copies not received. 
Claim Rejections - 35 USC § 102

1. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that
form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



2. Claims 1 through 32 are rejected under 35 U.S.C. 102(e) as being anticipated by
Coss et. al. (US Patent 6,098,172).

3. Referring to claims 1, 11, and 21:
Coss et. al. disclose:

A computerized method, a computer-readable medium having computer-executable
instructions, and a computerized system for automatically configuring a firewall
operating within an individual computer comprising:

a.) determining a zone for a network address dynamically assigned to a network
adapter in the individual computer (column 6, lines 53-61; column 7, lines 9-11;
and lines 53-67); and

b.) associating a security policy for the zone with the network adapter (column 7,
lines 53-67); with

c.) the security policy specifying the firewall configuration to protect the individual
computer (column 4, lines 17-32);

d.) implementation on general-purpose PC hardware. General-purpose
hardware, by the very definition of the word, implies a processing unit, a
memory coupled to the processing unit through a bus, a network adapter
coupled to the processing unit through the bus (such as a Network Interface
Card connected to a PCI bus) and further operable for coupling a network
(column 3, lines 20-30; column 6, lines 58-61; column 11, lines 3-4);

e.) (specifically Claim 21) a firewall process executed from the memory by the
processing unit to protect the computerized system when the network adapter
is coupled to a network by causing the processing unit to filter data addressed
to the network adapter according to a security policy (see column 6, lines 49-67).

4. Referring to claims 2, 12, and 24: 

Coss et. al. disclose the limitations of claims 1, 11, and 21 above. Coss et. al. further
disclose: 

e.) determining the network address assigned to the network adapter (column 6, 
lines 58-61 and column 7, lines 2-4). 



5. Referring to claims 3, 18, and 25:

Coss et. al. disclose the limitations of claims 1, 11, and 21 above. Coss et. al. further
disclose:

f.) the zone is defined by a set of network addresses (column 6, lines 47-67;
column 7, lines 1-4 and lines 61-67).

6. Referring to claims 4, 19, and 26: 

Coss et. al. disclose the limitations of claims 3, 18, and 25 above. Coss et. al. further
disclose:

g.) the set of network addresses comprises at least one address within the zone
(column 7, lines 2-4).

7. Referring to claims 5, 20, and 27: 

Coss et. al. disclose the limitations of claims 3, 18, and 25 above. Coss et. al. further
teach a rule table which allows separate rules to have overlapping network addresses,
that, when checked in sequential order, which discloses:

h.) wherein the set of network addresses comprises at least one address outside
the zone (column 7, lines 61-67).

8. Referring to claims 6, 13, and 28: 

Coss et. al. disclose the limitations of claims 1, 11, and 21 above. Coss et. al. further
disclose:

i.) assigning the security policy to the zone (column 6, lines 48-61).



Application/Control Number: 09/803,527 
Art Unit: 2145

9. Referring to claims 7, 14, and 29: 

Coss et. al. disclose the limitations of claims 1, 11, and 21 above. Coss et. al. further
disclose:

j.) retrieving a policy file that contains definitions for the zone and the security 
policy and specifies that the security policy is assigned to the zone (column 9, 
lines 6-9). 

10. Referring to claims 8, 15, and 30:

Coss et. al. disclose the limitations of claims 7, 14, and 29 above. Coss et. al. teach the
loading of firewall rules by a "firewall administration," which may be the user of the
device, as evidenced by the teaching of the firewall in a set top box, terminal, or other
user terminal, which further discloses:

k.) creating the policy file from data input by a user (column 4, lines 17-19; 
column 11, lines 3-7). 

11. Referring to claims 9, 16, and 31:

Coss et. al. disclose the limitations of claims 7, 14, and 29 above. Coss et. al. further
disclose:

l.) creating the policy file from data input by an administrator (column 4, lines 17-19).

12. Referring to claims 10, 17, and 32:

Coss et. al. disclose the limitations of claims 7, 14, and 29 above. Coss et. al. further
disclose:

m.) receiving data from a predetermined location on a network through the
network adapter and creating the policy file from the data (column 9, lines 6-9).

Response to Argument 

13. Applicant's arguments filed October 18, 2004 have been fully considered but they 
are not persuasive. The amended claims do not overcome the rejections based on the 
cited prior art. 

14. Applicant argues that the system disclosed in Coss et. al. is a system coupled 
between computers and networks in contrast to the firewall for an individual computer 
disclosed in the application. Coss et. al., however, fully anticipate the application. Coss 
et. al. specifically describe a firewall in "general-purpose PC hardware" (see column 3, 
line 28). Additionally Coss et. al. note that their firewall may be constructed with "a 
second portion of the firewall resident in a set-top box, computer or other user terminal 
in a home or business" (see column 11, lines 2-4). In that scenario, the proxy aspect of
the firewall of Coss et. al. would serve as the first portion, where the firewall and packet
filtering would serve as the second portion. This point is made obvious with the mention
of "set-top box" and "user terminal in a home," where a proxy would not necessarily (or
ordinarily) be needed, but access control in the computer would be wanted (see column
11, lines 6-7).

15. The applicant also argues that as opposed to Coss et. al., the application
discloses a firewall that operates with its dynamically assigned address, and therefore 
Coss do not disclose the invention. But Coss et. al. disclose a firewall that operates 
based on "hardware address information" (see column 5, lines 60-61), "the incoming or 
outgoing network interface" (see column 6, line 54) in a network card that supports 
dynamic addresses (see column 6, lines 58-61). Moreover, Coss et. al. describe the use 
of "dynamic rules" that may be based on "current information" (see column 9, line 5) 
which may include source and destination information (see column 9, line 6). That 
describes a system that operates on its own dynamically assigned address. Likewise, 
Coss et. al. describe a firewall operating "...on the basis of which interface received the
packet..." (see column 7, line 9) as well as one that has rules based on the destination
address of packets (see column 7, lines 28-31).

Conclusion 

16. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to John F Gianola whose telephone number is (571) 272-3848.
The examiner can normally be reached on Mon - Fri (8:30 - 5:00).

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Valencia Martin-Wallace can be reached at (571) 272-6159. The fax phone
number for the organization where this application or proceeding is assigned is
703-872-9306.

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 